DSMIX: a Dynamic Self-Organizing Mix Anonymous System Renpeng Zou∗, Xixiang Lv∗, ∗School of Cyber Engineering, Xidian University, Xian 710071, China

DSMIX: a Dynamic Self-Organizing Mix Anonymous System Renpeng Zou∗, Xixiang Lv∗, ∗School of Cyber Engineering, Xidian University, Xian 710071, China

1 DSMIX: A Dynamic Self-organizing Mix Anonymous System Renpeng Zou∗, Xixiang Lv∗, ∗School of Cyber Engineering, Xidian University, Xian 710071, China Abstract—Increasing awareness of privacy-preserving has led There are, however, concerns about the lack of efficiency to a strong focus on anonymous systems protecting anonymity. and security in anonymous systems [6], [7], as explained By studying early schemes, we summarize some intractable below: problems of anonymous systems. Centralization setting is a universal problem since most anonymous system rely on central proxies or presetting nodes to forward and mix messages, which • Centralization. Most of anonymous systems, i.e. compromises users’ privacy in some way. Besides, availability Anonymizer [8], LPWA [9] and cMix [10], rely on central becomes another important factor limiting the development of proxies or preset nodes to hide the address information, anonymous system due to the large requirement of additional ad- then still use these proxies to blind and forward messages. ditional resources (i.e. bandwidth and storage) and high latency. Moreover, existing anonymous systems may suffer from different The centralized anonymous systems bring privacy leakage attacks including abominable Man-in-the-Middle (MitM) attacks, risks to users since the service providers can control Distributed Denial-of-service (DDoS) attacks and so on. In this all proxies and mix node to infer the users’ identities. context, we first come up with a BlockChain-based Mix-Net What’s worse, the public proxies or preset nodes are (BCMN) protocol and theoretically demonstrate its security and easily exposed to attackers. For instance, an attacker can anonymity. Then we construct a concrete dynamic self-organizing BlockChain-based MIX anonymous system (BCMIX). In the launch distributed denial-of-service attacks to block one system, users and mix nodes utilize the blockchain transactions or more proxies and thus crash the system. and their addresses to negotiate keys with each other, which • Availability. Efficiency and additional resources are can resist the MitM attacks. In addition, we design an IP the main factors affecting the availability of anony- sharding algorithm to mitigate Sybil attacks. To evaluate the mous systems. High-latency anonymous systems such BCMIX system, we leverage the distribution of mining pools in the real world to test the system’s performance and ability as OneSwarm [11] and A3 [12], though provide high to resistant attacks. Compared with other systems, BCMIX anonymity, are not well suited for practical utilization provides better resilience to known attacks, while achieving low because of the poor efficiency in terms of intolerable la- latency anonymous communication without significant bandwidth tency [11]. In order to hide the identities of the recipients, or storage resources. multicast/broadcast and peer-to-peer based anonymous Index Terms—Anonymous systems, blockchain, anonymity, systems consume more bandwidth resources to cover the self-organizing, mix network attacks. normal traffics [13]. In spite of effectiveness, users may not be willing to contribute a lot of bandwidth, which I. INTRODUCTION hinders the development of such anonymous systems. In EEPING communication private has become increasing addition, some anonymous systems, such as cMix, adopt K important in an era of mass surveillance and carriers- additional inspection schemes to identify the malicious sponsored attacks. Recently, many events about private data nodes, which would place an additional burden on users leakage in Online Social Networks (OSNs) [1], mobile net- and decrease message utilization. arXiv:2009.11546v1 [cs.CR] 24 Sep 2020 work service (Uber, Didi Chuxing) [2] and telephone commu- • Security. Along the research line about security, anony- nications [3] have occurred frequently. Thus it is often the case mous systems based on different mechanism may suffer that two parties want to communicate anonymously, which from different security issues. Some anonymous systems means to exchange messages while hiding the fact that they based on MIX technologies rely on fixed cascade nodes to are in conversation. mix and forward messages. Such systems are vulnerable In this context, the anonymous communication technology to collusion-tagging attacks which is hard to detect. Re- emerges as a critical topic. Aiming to preserve communica- routing or proxy forwarding based anonymous systems, tion privacy within the shared public network environment, such as Tor [14] and Tarzan [15], deliver messages anonymous communication mainly focus on how to hide the through nodes or proxies randomly selected from clusters, identities or address information of one side or both sides hence an eavesdropper can perform traffic analysis attacks in communications. Since the seminal work by Chaum [4] and destroy the anonymity. As for multicast/broadcast for anonymous communication, more than seventy anonymous based anonymous system, an attacker can masquerade systems have been proposed, based on different anonymous as the benign recipients to intercept the messages. With mechanism [5]. Generally, anonymous systems can be di- respect to the P2P based anonymous systems, an attacker vided into the following sub-types, mix re-encryption, mul- can create multiple identities to launch a Sybil attack, ticast/broadcast, mix multi-layer encryption and peer-to-peer. which allows the attacker to analyze the forwarding 2 path and impersonate the recipient to receive the mes- protocols or other schemes utilized in anonymous systems. In sages. Moreover, in anonymous systems applying key the case, we intend to construct an anonymous system which exchange schemes, an attacker can employ Man-in-the- can resist the attacks mentioned above. Middle (MitM) attacks [16] to undermine the security of Solution 3. Through the former schemes we found mix these systems. technology can defend against most kind of attacks on anony- mous systems except bring the centralization problem and tagging attacks. To mitigate the weakness, our first con- A. Solutions and Contributions sideration is combining blockchain and mix technology, as Motivated by these identified limitations, we combine mentioned in Solution 1. Unfortunately, the introduction of blockchain technology with mix network, and design a dy- blockchain raises the Sybil attacks into the anonymous system. namic self-organizing blockchain-based mix anonymous sys- By researching the properties of Sybil attacks we structure tem. We expect to dispose of the following challenges. PoW voting and IP sharding algorithms to mitigate the impact Challenge 1. Designing a decentralized self-organizing of Sybil attacks. For MitM attacks, we design a transaction- anonymous system. The first challenge we seek to address based key exchange scheme which makes use of the Bitcoin’s is the centralization issues. As we mention above, the central transaction propagation mechanism to break the single-channel proxies or preset nodes might pry into users’ private data and control of attackers. The detailed illustration is provided in reveal the true identities. Therefore, we intend to construct a Section V and Section VI. decentralized anonymous system in which the mix nodes are To summarize, the contributions of this paper are as follows. dynamic and self-organizing. • We propose a blockchain-based mix-net protocol Solution 1. When it comes to decentralization, the most (BCMN) whose security and anonymity are demonstrated popular technology is blockchain, an emerging decentralized theoretically. Especially, we elect miners as mix nodes via architecture and distributed computing paradigm underlying special algorithms to avoid the centralized settings. Bitcoin [17] and other cryptocurrencies. Leveraging the dy- • We construct a dynamic self-organizing blockchain-based namic and decentralized properties of blockchain miners, we mix anonymous system (upon the proposed BCMN proto- devise voting algorithms to elect mix nodes from blockchain col) and discuss how the proposal can satisfy the security miners. This trustless and distributed design not only prevents requirements. privacy leakage from service provides, but also mitigates • We demonstrate the feasibility and effectiveness of the single point failure and DDos attacks. proposed BCMIX by developing the system in an analog Challenge 2. Designing a user friendly anonymous network with the miner distribution data in the real world. system. Another challenge is to construct an anonymous Compared with existing systems, our system performs system with high availability. In fact, users are often reluctant well and provides stronger security. to consume more additional resources (i.e. bandwidth and computing resources) and wait for a long time. Thus we are B. Related Works drove to build a high available anonymous system with less Generally, anonymous communication systems can be di- additional resources. vided into the following sub-types, mix re-encryption, mul- Solution 2. Our proposed solution is inspired by cMix. ticast/broadcast, mix multi-layer encryption and peer-to-peer. Similar to cMix, we also split the time-consuming, compli- Mix re-encryption based anonymous systems [18], [19] lever- cated public key operations with the real time phase. The age cryptography technologies to dispose messages and hide difference is that cMix adopts fixed mix nodes with a stable the users’ identities, which can resist traffic analysis attacks. joint public key while our approach leverages the

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    14 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us